Train Series Release Notes¶
The following new parameters have been added to support arbitrary configurations for openvsiwtch_agent.ini and sriov_agent.ini
neutron::keystone::authtoken::interfaceparameter has been added, which can be used to set the interface parameter in authtoken middleware.
Support for the logging serivce plugin parameters has been added to the following classes.
It is now possible to set the report interval for the networking-baremetal ml2 agent by using new parameter
neutron::agents::ml2::ovsclass and the
neutron::agents::ml2::sriovclass supports the resource_provider_default_hypervisor parameter to set the corresponding parameter in ovs-agent and sriov-agent.
Bug #1987460: Previously the
neutron::agents::ml2::mlnxclass causes duplicate resources when used with the
neutron::agents::dhcpclass or the
neutron::agents::l3class. Now it is possible to workaround the error by implementing the following mitigation.
neutron::agents::ml2::mlnxclass AFTER the
neutron::agents::dhcpclass or the
interface_driverparameter and the
Add ‘dnsmasq_enable_addr6_list’ option support to dhcp agent settings. (See bug: #1861032)
The following two new classes have been added, to set up parameters in ovs_driver and sriov_driver section.
Add a new configuration option called “ovn_emit_need_to_frag” to the “ovn” section of etc/neutron/plugins/ml2_conf.ini. This new option tells ovn whether it should emit “need to frag” packets in case of MTU mismatch. Before enabling this configuration make sure that its supported by the host kernel (version >= 5.2) or by checking the output of the following command: ovs-appctl -t ovs-vswitchd dpif/show-dp-features br-int | grep “Check pkt length action”. Defaults to False.
Add new configuration parameter explicitly_egress_direct for ML2 OVS agent When set to True, the accepted egress unicast traffic will not use action NORMAL. The accepted egress packets will be taken care of in the final egress tables direct output flows for unicast traffic so that operators can set customized integration bridge name in l3 agent configuration. This can be enabled on some nodes to prevent flooding on integration bridge.
Add support for resource provider bandwidth.
The following two parameters have been added to define mapping of bridge name and hyper visor name to locate the parent of the resource provider tree.
Added new parameters of_connect_timeout and of_request_timeout in the neutron::agents::ml2::ovs class.
Added new parameter neutron::agents::ml2::ovs::of_inactivity_probe.
Added new parameter neutron::agents::ml2::ovs::ovsdb_timeout.
Switched the default value of the
metadata_workersconfiguration option for the OVN metadata agents to 2 (from $::os_workers). While the OVS metadata agents runs on the controllers/gateway nodes (and defaults to $::os_workers) the OVN metadata agents are distributed and runs on the compute nodes instead so, there’s no point in running dozen of them on each compute. Also, by reducing the number of workers we also reduce the burden on the OVSDB that the OVN metadata agent connects to making OVN more scalable.
The deprecated parameter neutron::manage_logging is removed.
Add support for Neutron MLNX agent.
This patch introduce parameters which support SSL to connect to OVN_Northbound DB and OVN_Southbound DB. This can be set by: * ‘ovn_nb_private_key’: The PEM file with private key for SSL connection to OVN-NB-DB * ‘ovn_nb_certificate’: The PEM file with certificate that certifies the private key specified in ovn_nb_private_key * ‘ovn_nb_ca_cert’: The PEM file with CA certificate that OVN should use to verify certificates presented to it by SSL peers * ‘ovn_sb_private_key’: The PEM file with private key for SSL connection to OVN-SB-DBt, * ‘ovn_sb_certificate’: The PEM file with certificate that certifies the private key specified in ovn_sb_private_key’ * ‘ovn_sb_ca_cert’: The PEM file with CA certificate that OVN should use to verify certificates presented to it by SSL peers
Allow users to run the RabbitMQ heartbeat over a native python thread in the oslo.messaging RabbitMQ driver, by using the rabbit_heartbeat_in_pthread option in configuration.
The deprecated pki related options check_revocations_for_cached and hash_algorithms option has been removed.
Add support for configuring security group permitted_ethertypes on the Neutron OVS agent.
New hieradata, neutron::keystone::authtoken::service_token_roles, is introduced so that specific role can be assigned to the service user who can use service token feature.
Add support to configure [oslo_middleware]/max_request_body_size with $max_request_body_size.
The Neutron LBaaS plugin has been removed upstream and is no longer available in the Train release. The following deprecated resources has been removed:
Please see the following link for more information on this deprecation: https://wiki.openstack.org/wiki/Neutron/LBaaS/Deprecation
You should use the Octavia project to implement LBaaS. https://docs.openstack.org/octavia/latest/reference/introduction.html
Add openstackclient installation to the client class.
Added the ability to configure rpc_response_max_timeout.
The default value for neutron::plugins::cisco::keystone_auth_url is changed from http://127.0.0.1:5000/v2.0/ to http://127.0.0.1:5000/v3/
The default value for neutron::plugins::plumgrid::connection is changed from http://127.0.0.1:5000/v2.0 to http://127.0.0.1:5000/v3
The default value for neutron::plugins::midonet::keystone_tenant and neutron::plugins::ml2::bigswitch::restproxy::auth_tenant has been changed from ‘service’ to ‘services’.
database_idle_timeout is deprecated and will be removed in a future release. Please use database_connection_recycle_time instead.
As of Queens the neutron-vpn-agent package for Ubuntu is no longer provided and has been replaced with the package python-neutron-vpnaas.
On Debian there is no package named openswan and the package that should be installed for VPNaaS is strongswan.